Vulnerabilities > Wpwebinfotech
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-20 | CVE-2024-49272 | Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15. | 8.8 |
2024-07-24 | CVE-2024-6750 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. | 7.5 |
2024-07-24 | CVE-2024-6751 | Cross-Site Request Forgery (CSRF) vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.3.14. | 6.5 |
2024-07-24 | CVE-2024-6752 | Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wp_name’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. | 5.4 |
2024-07-24 | CVE-2024-6753 | Cross-site Scripting vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mapTypes’ parameter in the 'wpw_auto_poster_map_wordpress_post_type' AJAX function in all versions up to, and including, 5.3.14 due to insufficient input sanitization and output escaping. | 6.1 |
2024-07-24 | CVE-2024-6754 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the ‘wpw_auto_poster_update_tweet_template’ function in all versions up to, and including, 5.3.14. | 4.3 |
2024-07-24 | CVE-2024-6755 | Missing Authorization vulnerability in Wpwebinfotech Social Auto Poster The Social Auto Poster plugin for WordPress is vulnerable to unauthorized modification and loss of data due to a missing capability check on the ‘wpw_auto_poster_quick_delete_multiple’ function in all versions up to, and including, 5.3.14. | 5.3 |